- Today
- Holidays
- Birthdays
- Reminders
- Cities
- Atlanta
- Austin
- Baltimore
- Berwyn
- Beverly Hills
- Birmingham
- Boston
- Brooklyn
- Buffalo
- Charlotte
- Chicago
- Cincinnati
- Cleveland
- Columbus
- Dallas
- Denver
- Detroit
- Fort Worth
- Houston
- Indianapolis
- Knoxville
- Las Vegas
- Los Angeles
- Louisville
- Madison
- Memphis
- Miami
- Milwaukee
- Minneapolis
- Nashville
- New Orleans
- New York
- Omaha
- Orlando
- Philadelphia
- Phoenix
- Pittsburgh
- Portland
- Raleigh
- Richmond
- Rutherford
- Sacramento
- Salt Lake City
- San Antonio
- San Diego
- San Francisco
- San Jose
- Seattle
- Tampa
- Tucson
- Washington
Kingsville Today
By the People, for the People
Leaked CBP Security Codes Expose Operational Vulnerabilities
Sensitive facility details shared on public flashcard platform raise concerns over government personnel's use of unauthorized software.
Apr. 6, 2026 at 12:42pm
Got story updates? Submit your updates here. ›
Confidential security procedures and access codes for U.S. Customs and Border Protection (CBP) facilities near Kingsville, Texas, were left exposed on the public flashcard platform Quizlet for weeks, highlighting a persistent gap between government security protocols and the personal habits of personnel tasked with upholding them.
Why it matters
This incident is a textbook example of 'Shadow IT'—the use of unauthorized software, devices, or applications within an organization, which can create massive security vulnerabilities when sensitive data is moved from secure government servers to public clouds. The stakes extend beyond a single facility, as systemic OPSEC failures across the Department of Homeland Security could expose critical infrastructure to foreign intelligence services or bad actors.
The details
The breach centered on a public Quizlet set titled 'USBP Review,' created in February, which contained specific, sensitive details regarding security operations at CBP facilities. Although the platform is designed for study purposes, the public nature of the set meant that anyone could access the operational intelligence that should have remained classified or restricted. The information remained accessible until March 20, when the user transitioned the set to private shortly after being contacted by WIRED.
- The Quizlet set was created in February 2026.
- The sensitive information remained publicly accessible until March 20, 2026.
The players
U.S. Customs and Border Protection (CBP)
The federal law enforcement agency responsible for border security and customs operations in the United States.
Quizlet
A popular online flashcard and study platform used by students and professionals to create and share learning materials.
What they’re saying
“The review is internal and should not be interpreted as a confirmation of wrongdoing.”
— CBP Spokesperson
What’s next
The CBP's Office of Professional Responsibility is currently reviewing the incident, and the fallout for the individual involved could range from administrative reprimand to the loss of security clearances, depending on the classification level of the leaked data. For the agency, the focus will likely shift toward stricter auditing of how personnel interact with external learning and productivity platforms.
The takeaway
This incident highlights the persistent challenge of balancing the need for flexible learning tools with the rigid requirements of national security. As federal agencies continue to modernize, they must find ways to prevent 'passive leakage' of sensitive information through the use of unauthorized third-party software, which can expose critical infrastructure to potential threats.
